libimobiledevice and libusbmuxd are vulnerable to exposure of iOS decive to attacker on the local network. The attack is possible because of a flaw in the socket_create function in common/socket.c in libimobiledevice and libusbmuxd, leading to the bypass of intended access restrictions. Therefore, the attacker can communicate with services on iOS devices by connecting to an IPv4 TCP socket.
CPE | Name | Operator | Version |
---|---|---|---|
libimobiledevice | eq | 1.0.0 | |
libusbmuxd | eq | 1.0.9 |